Bug#859592: proftpd-dfsg: CVE-2017-7418

Salvatore Bonaccorso carnil at debian.org
Wed Apr 5 04:21:40 UTC 2017


Source: proftpd-dfsg
Version: 1.3.5b-3
Severity: important
Tags: upstream patch security
Forwarded: http://bugs.proftpd.org/show_bug.cgi?id=4295
Control: found -1 1.3.5-1

Hi,

the following vulnerability was published for proftpd-dfsg.

CVE-2017-7418[0]:
| ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the
| home directory of a user could contain a symbolic link through the
| AllowChrootSymlinks configuration option, but checks only the last path
| component when enforcing AllowChrootSymlinks. Attackers with local
| access could bypass the AllowChrootSymlinks control by replacing a path
| component (other than the last one) with a symbolic link. The threat
| model includes an attacker who is not granted full filesystem access by
| a hosting provider, but can reconfigure the home directory of an FTP
| user.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7418
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
[1] http://bugs.proftpd.org/show_bug.cgi?id=4295

Regards,
Salvatore
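An added example, not ProFTPD's own code, contrasting the two checks the CVE text describes: a symlink test on the last path component only, beside a walk that lstat()s every prefix of the home path so a link swapped in higher up is also caught. The fixture under /tmp (a real `real/home` tree reached through a `link` symlink) is constructed here for demonstration.

```c
#define _XOPEN_SOURCE 700   /* for mkdtemp(), lstat(), symlink(), PATH_MAX */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pre-fix style of check: lstat() only the final component. 1 = link, 0 = not, -1 = error. */
int last_component_is_symlink(const char *path) {
    struct stat st;
    return lstat(path, &st) != 0 ? -1 : (S_ISLNK(st.st_mode) ? 1 : 0);
}
/* Hardened check: lstat() every prefix of an absolute path ("/a", "/a/b", ...). 1 = link found, 0 = none, -1 = error. */
int any_component_is_symlink(const char *path) {
    struct stat st; char buf[PATH_MAX]; size_t len = strlen(path);
    if (path[0] != '/' || len >= sizeof buf) return -1;
    memcpy(buf, path, len + 1);
    for (size_t i = 1; i <= len; i++) {
        if ((buf[i] != '/' && buf[i] != '\0') || buf[i - 1] == '/') continue; /* skip "//" */
        buf[i] = '\0';                      /* cut the copy at this component */
        int rc = lstat(buf, &st);
        buf[i] = i < len ? '/' : '\0';      /* restore the separator */
        if (rc != 0 || S_ISLNK(st.st_mode)) return rc != 0 ? -1 : 1;
    }
    return 0;
}

/* Constructed fixture: <tmp>/real/home (real directories) plus <tmp>/link -> real; `out` gets the home path via the link. */
int build_fixture(char *out, size_t outlen) {
    char tmpl[] = "/tmp/chrootXXXXXX", real[PATH_MAX], link[PATH_MAX];
    if (mkdtemp(tmpl) == NULL) return -1;
    snprintf(real, sizeof real, "%s/real", tmpl);
    snprintf(link, sizeof link, "%s/link", tmpl);
    snprintf(out, outlen, "%s/home", real);
    if (mkdir(real, 0700) || mkdir(out, 0700) || symlink("real", link)) return -1;
    snprintf(out, outlen, "%s/home", link);
    return 0;
}

/* Returns 1 when the per-component walk flags the link that the last-component check misses. */
int demo(void) {
    char p[PATH_MAX];
    if (build_fixture(p, sizeof p) != 0) return -1;
    int last = last_component_is_symlink(p), any = any_component_is_symlink(p);
    printf("%s\n  last component only: %d\n  every component:     %d\n", p, last, any);
    return (last == 0 && any == 1) ? 1 : 0;
}
int main(void) { return demo() == 1 ? 0 : 1; }
```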



More information about the Pkg-proftpd-maintainers mailing list